Posts Tagged ‘Buffer Overflow’

As any static analysis or source code analysis vendor will tell you, false positives are a way of life. As any user will tell you, false positives suck! So what do you do about them? Make the tools better at finding the real issues and provide automated filtering capabilities. But I’m not here to talk about false positives where the tool is utterly wrong. What I want to talk about today is what I call “perceptual false positives”. I’ve had discussions with customers where they tell me 80% of all their defects are false. Odd,

We have blogged before about software security guidelines, but there is one we haven’t discussed. Several years ago Microsoft published the “Security Development Lifecycle (SDL) Banned Function Calls” list. These banned functions can be a good way to remove a significant number of potential code vulnerabilities from C and C++ code. They provide recommendations on better or safer functions to use, with the caveat that even these “safer” functions should be used with care. You can use the banned.h file to identify and obtain deprecation warnings or, even better, use this as part of your

A while ago I talked about memory overflows. Now, in this latest installment, as we look at more interesting bugs, I’ve come across a new example. Here is a situation described by a customer as “stack smashing”, which occurs when you copy a string of unknown length into a buffer of fixed size. Just like the memory overflow post, this is another form of a buffer overflow. So there you have it, just more terminology to describe bad things in your code. Gwyn promises to give a follow-up to these posts with some details on

I have always been fascinated by the whole area of code vulnerabilities and security exploits and how hackers turn those issues into real-world problems for the rest of us. Jeremy Brown posted an interesting article on Jeremy’s Computer Security blog where he uses his security know-how to draw a straight line between a software vulnerability found with static analysis and a real 0day exploit on an open source project called gAlan. Jeremy takes us on a short journey where he finds an unprotected buffer with static analysis, creates an exploit payload to cause a buffer overrun, rewrites the